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The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH{S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- tf the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- tf NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply wiW, by statute, cause the application to become ABANDONED (35 U.S.C. § 133), 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )K Responsive to communication(s) filed on 25 July 2005 . 
2a)l3 This action Is FINAL. 2b)n This action is non-final. 

3) n Since this application is in condition for allowance except for fomnal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex pa/te Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) 13 Claim(s) 1-66 is/are pending In the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) 13 Claim(s) 1-1 3.1 5-21.23-41. 43-57 and 60-66 is/are rejected. 

7) 13 Claim(s) 14.22.42.58 and 59 is/are objected to. 

8) 0 Clalm(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) 0 The drawing(s) filed on is/are: a)n accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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2. n Certified copies of the priority documents have been received in Application No. . 
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DETAILED ACTION 

1 . The enclosed detailed action is in response to the Amendment submitted on July 25, 
2005. 



Claim Rejections - 35 USC §102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1 (a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the Enghsh language. 

3. Claims 1-13, 15-21, 23-41, 43-57 and 60-66 are rejected under 35 US.C. 102(e) as being 
anticipated by O'Hare et al. (USPN: 6,484,173). 

Regarding claims 1, 6-7 and 12, O'Hare discloses in response to a non-media access request (a 
system call; C 1, L 34-35) by a first of the plurality of devices to a logical device at the shared 
resource for which the first device has no data access privileges (wherein data access privileges 
refers to read or write access) (C 10, L 13-14; C 4, L 31-36 - this condition occurs when access 
control of the system includes read and write operations, along with system calls [C 2, L 3-6] and 
when system calls are allowed and read/write operations are not allowed from the first device to 
the logical device at the shared resource; each requesting device is allowed access to certain 
regions of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 
6), determining whether the first device is authorized to have non-media access to the logical 
device, based at least in part, on an identity of the first device (Figure 6, References 216->220- 
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>224->226->228->230->214; C 2, L 16-30; C 13, L 62-66; C 14, L 49-50) and authorizing the 
non-media access request when it is determined that the first device is authorized to have non- 
media access to the logical device (C 2, 25-30; C 14, L 19-22). 

Regarding claims 2-3 and 16, O'Hare discloses denying the non-media access request when it is 
determined that the first device is not authorized to have non-media access to the logical device 
(C 13, L 57-61; this effectively ignores the request since the request is never processed or 
executed). 

Regarding claims 4 and 17-18, O'Hare discloses forwarding the non-media access request to the 
physical device corresponding to the logical device (Figure 1, References 34-36; Figure 3; 
Reference 36; requests are forwarded to the physical device via ports 34-36; C 7, L 31-39). 

Regarding claims 5, 24 and 32, O'Hare discloses system calls, which control configuration and 
operation of the storage system and thus such system intrinsically includes any requests which is 
related to configuring or operating the storage system and that includes an availability request (C 
6, L 30-32). 

Regarding claims 8 and 10, O'Hare discloses the elements of claim 1 performed by a filter 
(security module; C 14, L 22-32) that controls access to a plurality of logical devices (Figure 1, 
References 24-26) at the shared resource (Figure 1, Reference 22) and further comprising 
maintaining in a data structure (matrix. Reference 100 in Figure 5) accessible to the filter 
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configuration information corresponding to the first device wherein the configuration 
information includes first configuration information identifying each of the plurality of logical 
devices (W, X, Y, Z) to which data access (access indicated by one of B, C and M which 
represents data access level) by the first device (one of requestors Q, R, S, T and V) is authorized 
and whether the non-media access (access indicated by one of B, C and M which represents the 
non-media access level) is authorized to each of the plurahty of logical devices for which the 
configuration information identifies that no data access is authorized for the first device (C 10, L 
21-67; C 11, L 1-32). 

Regarding claim 9, O'Hare discloses examining the configuration information corresponding to 
the first device to determine whether the first device is authorized to have non-media access to 
the logical device (C 13, L 54-61). 

Regarding claims 1 1 and 23, O'Hare discloses determining whether an access request by the first 
device is one of a data access request and a non-media access request (C 13, L 54-61). 

Regarding claims 13 and 21, O'Hare discloses the storage system performing the operations in 
claim 12 (Figure 3, Reference 22, 60; C 14, L 22-32). 

Regarding claims 15, 19-20 and 25-27, O'Hare discloses maintaining in a data structure (matrix, 
Reference 100 in Figure 5) accessible to the filter configuration information corresponding to the 
first device wherein the configuration information includes first configuration information 
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identifying each of the pluraUty of logical devices (W, X, Y, Z) to which data access (access 
indicated by one of B, C and M which represents data access level) by the first device (one of 
requestors Q, R, S, T and V) is authorized (C 10, L 21-67; C 1 1, L 1-32); in response to a non- 
media access request (a system call) by a first of the pluraUty of devices to a logical device at the 
shared resource for which the first device has no data access privileges (wherein data access 
privileges refers to read or write access) (C 10, L 13-14; this condition occurs when access 
control of the system includes read and write operations and when read and write operation 
access types are not allowed for the first device to the logical device at the shared resource; each 
requesting device is allowed access to certain regions of the shared resource for certain access 
types, refer to C 10 - C 14; Figure 5 and Figure 6), determining whether the first device is 
authorized to have non-media access to the logical device and authorizing the non-media access 
request when it is determined that the first device is authorized to have non-media access to the 
logical device (Figure 6, References 202, 216, 220, 224, 226, 228, 230 and 214; C 12, L 57-65; C 
13, entire; C 14, L 1-21). 

Regarding claims 28, 33, 38-41, 48, 52 and 57, O'Hare an input to be coupled to the network, 
wherein the network couples the plurality of devices to the shared resource (Figure 3, Reference 
62; C 4, L 18-30); and at least one filter (Figure 3, Reference 64; C 14, L 22-32) coupled to the 
input (via Reference 62 in Figure 3) that is responsive to the non-media access request by a first 
of the plurality of devices to a logical device at a shared resource for which the first device has 
no data access privileges (wherein data access privileges refers to read or write access) (C 10, L 
13-14; this condition occurs when access control of the system includes read and write 
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operations and when read and write operation access types are not allowed for the first device to 
the logical device at the shared resource; each requesting device is allowed access to certain 
regions of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 
6), to determine whether the first device is authorized to have non-media access to the logical 
device and to authorize the non-media access request when it is determined that the first device is 
authorized to have non-media access to the logical device (Figure 6, References 202, 216, 220, 
224, 226, 228, 230 and 214; C 12, L 57-65; C 13, entire; C 14, L 1-21). 

Regarding claim 29, 31, 49 and 51, O'Hare discloses the filter denying the non-media access 
request when it is determined that the first device is not authorized to have non-media access to 
the logical device (C 13, L 57-61; this effectively ignores the request since the request is never 
processed or executed). 

Regarding claims 30 and 50, O'Hare discloses a plurality of storage devices (C 5, L 64-67) 
coupled to the at least one filter, and wherein when it is determined that the first device is 
authorized to have non-media access to the logical device, the at least one filter forwards the 
non-media access request to a storage device corresponding to the logical device (C 7, L 48-67; 
C 8, L 1-24). 

Regarding claims 34, 36, 48 and 53-54, O'Hare discloses data structure (matrix, Reference 100 
in Figure 5), accessible to the at least one filter, that stores configuration information 
corresponding to the first device that includes first configuration information identifying each of 
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a plurality of logical devices (W, X, Y, Z) at the shared resource to which data access (access 
indicated by one of B, C and M which represents data access level) by the first device (one of 
requestors Q, R, S, T and V) is authorized and second configuration information identifying 
whether non-media access (access indicated by one of B, C and M which represents the non- 
media access level) is authorized to each of the plurality of logical devices for which the first 
configuration information identifies that no data access is authorized for the first device (C 10, L 
21-67; C 11, L 1-32). 

Regarding claims 35 and 55, O'Hare disclose the at least one filter examining the second 
configuration information corresponding to the first device to determine whether the first device 
is authorized to have non-media access to the logical device (C 13, L 54-61). 

Regarding claims 37 and 56, O'Hare discloses examining the access request to determine 
whether the access request is one of a data access request and a non-media access request (C 13, 
L 54-61 - determining access request type). 

Regarding claims 28, 33, 38-41, 48, 52 and 57, O'Hare an input to be coupled to the network, 
wherein the network couples the plurality of devices to the shared resource (Figure 3, Reference 
62; C 4, L 18-30); and at least one filter (Figure 3, Reference 64; C 14, L 22-32) coupled to the 
input (via Reference 62 in Figure 3) that is responsive to the a non-media access request by a 
first of the plurality of devices to a logical device at a shared resource for which the first device 
has no data access privileges (wherein data access privileges refers to read or write access) (C 



Application/Control Number: 09/75 1 ,684 Page 8 

Art Unit: 2187 

10, L 13-14; this condition occurs when access control of the system includes read and write 
operations and when read and write operation access types are not allowed for the first device to 
the logical device at the shared resource; each requesting device is allowed access to certain 
regions of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 
6), to determine whether the first device is authorized to have non-media access to the logical 
device and to authorize the non-media access request when it is determined that the first device is 
authorized to have non-media access to the logical device (Figure 6, References 202, 216, 220, 
224, 226, 228, 230 and 214; C 12, L 57-65; C 13, entire; C 14, L 1-21). 

Regarding claim 29, 31, 49 and 51, O'Hare discloses the filter denying the non-media access 
request when it is determined that the first device is not authorized to have non-media access to 
the logical device (C 13, L 57-61; this effectively ignores the request since the request is never 
processed or executed). 

Regarding claims 30 and 50, O'Hare discloses a plurality of storage devices (C 5, L 64-67) 
coupled to the at least one filter, and wherein when it is determined that the first device is 
authorized to have non-media access to the logical device, the at least one filter forwards the 
non-media access request to a storage device corresponding to the logical device (C 7, L 48-67; 
C8,Ll-24). 

Regarding claims 34, 36, 48 and 53-54, O'Hare discloses data structure (matrix, Reference 100 
in Figure 5), accessible to the at least one filter, that stores configxiration information 
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corresponding to the first device that includes first configuration information identifying each of 
a plurahty of logical devices (W, X, Y, Z) at the shared resource to which data access (access 
indicated by one of B, C and M which represents data access level) by the first device (one of 
requestors Q, R, S, T and V) is authorized and second configuration information identifying 
whether non-media access (access indicated by one of B, C and M which represents the non- 
media access level) is authorized to each of the plurality of logical devices for which the first 
configuration information identifies that no data access is authorized for the first device (C 10, L 
21-67; C 11, L 1-32). 

Regarding claims 35 and 55, O'Hare discloses the at least one filter examining the second 
configuration information corresponding to the first device to determine whether the first device 
is authorized to have non-media access to the logical device (C 13, L 54-61). 

Regarding claims 37 and 56, O'Hare discloses examining the access request to determine 
whether the access request is one of a data access request and a non-media access request (C 13, 
L 54-61 - determining access request type). 

Regarding claims 43-47, O'Hare discloses a computer readable medium (C 18, L 36-60) 
comprising a data structure relating to access management by a plurality of network devices to 
data stored on a plurality of logical devices of a shared resource, the data structure including a 
plurality of records each corresponding to one of the plurality of network devices, a first record 
of the plurality of records corresponding to a first of the plurality of network devices and 
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including configuration information identifying each logical device of the plurality of logical 
devices to which data access by the first network device is authorized to have non-media access 
to a first logical device of the plurality of logical devices when the configuration information 
corresponding to the first network device identifies that no data access to the first logical device 
fi-om the first network device is authorized (Figure 5, C 10, L 28-67; C 1 1, entire; C 12, L 1-33). 

Regarding claims 60-66, O' Hare discloses a plurality of storage devices that store a plurality of 
logical volumes of data (C 5, L 64-67); a data structure to store configuration information 
identifying whether a first network device of a plurality of network devices [C 4, L 18-30 - when 
the devices are coupled to the storage via a network, the devices are network devices] that are 
coupled to the storage system is authorized to access data on a first logical volume of the 
plurality of logical volumes (Figure 5, Reference 100; C 21-67 ; C 1 1, L 1-32); and a filter, 
responsive to the configuration information stored in the data structure, to selectively forward 
non-media access requests fi-om the first network device to the first logical volume when the 
configuration information identifies that no data access to the first logical volume fi*om the first 
network device is authorized (Figure 3, Reference 64; C 14, L 22-32; Figure 6; C 12, L 57-67; C 
13, entire; C 14, L 1-21), 

Allowable Subject Matter 

4. Claims 14, 22, 42 and 58-59 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 
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Response to Arguments 

5. Applicant's arguments filed have been fully considered but they are not persuasive. 
O, Hare clearly teaches allowing a requestor access to a section of memory, wherein the access 
may be no access, read only, system calls, etc. (C 5, L 4-8). Furthermore, O'Hare teaches that 
the different requestors may have different levels of access (C 5, L 8+). 

O'Hare discloses that the system may be configured to accept system calls at some or none of the 
ports (C 6, L 49-52), Figure 5 may explains the operation of the system in general terms, 
however, the disclosure indicates repeatedly that each host, and its corresponding section of 
memory in which it has access to, may have different access levels ranging from read only, 
system call, no access etc., and thus O'Hare makes clear that the system may be configured to 
operate such that system calls (non-media access) may be allowed to a section of memory where 
read and write operations [media access] are not allowed. 

The below arguments have been repeated to reiterate the above points. 

Each host requestor in the system is allowed certain types of accesses [read and write or system 
calls] to certain regions of memory [refer to C 4, L 35-36], wherein the allowed access types is 
associated with the host via the host ID in the matrix in Figure 5 [refer to C 2, L 16-30, C 4, L 
3 1-36; C 13, L 62-66, C 14, L 49-50]. Therefore a requestor may NOT have read and write 
access but MAY HAVE system call access to a particular region of the storage. In the above 
rejection, claim 1 for example, is rejected based upon this scenario, the relevant language states 



Application/Control Number: 09/75 1 ,684 Page 1 2 

Art Unit: 2187 

"..for which the first device has no data access privileges (wherein data access privileges refers 
to read or write access) (C 10, L 13-14; C 4, L 31-36 - this condition occurs when access control 
of the system includes read and write operations, along with system calls [C 2, L 3-6] and when 
system calls are allowed and read/write operations are not allowed from the first device to the 
logical device at the shared resource; each requesting device is allowed access to certain regions 
of the shared resource for certain access types, refer to C 10 - C 14; Figure 5 and Figure 6). 
Thus O'Hare does teach authorizing a non-media access request to a logical device from a device 
that lacks data access privileges. 

Additionally, a system call does not perform read and write operations [refer to C 1, L 34-35], as 
admitted by the Applicant in the After Final Amendment submitted on May 27, 2004 entered in 
the record via the RCE submitted on July 27, 2004, "Applicants mistakenly characterized the 
system calls of O'Hare as performing both administrative operations and data accesses (i.e., read 
and write operations). For this reason, Applicants argued that a system call does not meet the 
definition of Applicants* claimed non-media access request. Upon reconsideration in preparing 
this response, the undersigned now believes that O'Hare does not disclose system calls that 
directly read and write data, but rather only those that perform administrative-like operations 
(O'Hare, col. 1, lines 29-36). Thus, Apphcants withdraw any assertion that the system calls of 
O'Hare perform read and write operations..". 

The system call may instruct the host to perform an activity that requires the host to perform a 
SUBSEQUENT read and write operation. 
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Conclusion 

6. TfflS ACTION IS MADE FEVAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kimberly N. McLean-Mayo whose telephone number is 571-272- 
4194, The examiner can normally be reached on Mon (10-4), Tues, Thu (10-2), Fri (10-6:30). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Donald Sparks can be reached on 571-272-4201 . The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) systera Status information for pubhshed applications 
may be obtained from either Private PAIR or PubHc PAIR. Status information for unpublished 
apphcations is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electegnic Business Center (EBC) at 866-217-9197 (toll-free). 




Kimberly N, McLean-Mayo 
Primary Examiner 
Art Unit 2187 



KNM 



October 3, 2005 



